Skip to content

Authorization after an Action

Something that has come up from time to time on the FIM forum is the need to trigger an AuthZ workflow based on some change made by an Action workflow (or by the Sync Service). This is not possible in the FIM Service today and I don’t see any evidence that it will be possible in the future either – I guess it must mess up the workflow processing on some fundamental level.

The gereral consensus on the forum has been that you need to start a new request from outside the Portal – perhaps by using a powershell script. This new request can then follow the full AuthN -> AuthZ -> Action progression. But how to trigger it?

I have now worked through this idea and it’s working, though did need quite a few policy objects in the Portal as well as the script.

Continue reading ›

2012 01 16 Carol FIM 2010
FIM 2010 R2
MPR
powershell
Sets
Workflow Comments (4) Permalink

Installing Reporting for FIM R2 RC

I have just installed the reporting for FIM R2 RC and generated my first reports. Though when I say “just” read that as “spent two days on it and reinstalled twice”. However it is now working (yay! Was it worth it? Not sure yet!) and here’s my write-up.

You should also refer to the following documents from the FIM R2 media:

  • Test Lab Guide: Demonstrating Forefront Identity Manager 2010 R2 Beta Reporting
  • Test Lab Guide: Installing Forefront Identity Manager 2010 R2 Release Candidate

Continue reading ›

2012 01 08 Carol FIM 2010 R2
Reporting Comments (4) Permalink

Powershell script to generate test users in AD

I needed to set up a test AD with realistic looking test users. This script by Alex Tcherniakhovski was the type of thing I wanted as it starts with lists of OUs, first names and last names and then creates accounts across all OUs listed, and using a random selection of names.

However Alex’s script uses Excel which I don’t have installed in my lab and don’t really want. So I’ve taken his source lists and his concept and written a little powershell script to do much the same thing.

You can download it from here.

2012 01 03 Carol AD
powershell Comments (0) Permalink

Annual blag post

I’ve received word that I have been awarded the MVP for 2012. I never take this for granted and it always makes me very happy to receive this acknowledgement, so thank you Microsoft and the FIM PG!

2012 01 02 Carol Uncategorized Comments (2) Permalink

Outbound Sync Rule Scope

Just getting started with FIM R2 RC here at the moment – and the first thing I’m excited about is outbound Sync Rule scopes!

Continue reading ›

2011 11 28 Carol FIM 2010
FIM 2010 R2 Comments (4) Permalink

Don’t use the FIM configuration migration scripts between versions

I’ve just been installing FIM R2 RC into my lab. Unfortunately I couldn’t get the portal to upgrade from R2 beta to R2 RC (and to be fair the doco doesn’t say you should be able to) so had the bright idea of using the migration scripts to do a config comparison between my beta and RC environments, and hopefully update the RC lab with my beta lab modifications.

I guess this shows I haven’t used the migration scripts all that much, because I didn’t realise they would start deleting all the new schema attributes to do with reporting!

So now I know: don’t use the FIM migration scripts between versions.

2011 11 27 Carol FIM 2010
powershell
Scripting Comments (3) Permalink

Microsoft.IdentityManagement.SolutionPackUtility.exe crashing FIM

Had a weird problem on a dev box. Whenever I launched Synchronization Service Manager, and sometimes even just when opening the properties of a MA, everything would stop while the server seemingly tried to install something in the background. Running taskmgr.exe revealed Microsoft.IdentityManagement.SolutionPackUtility.exe and TrustedInstaller.exe were running.

Continue reading ›

2011 11 20 Carol FIM 2010 Comments (0) Permalink

FIM Portal demo – using FIM to manage BPOS/Office 365

Regular readers of this blog will know that, a few months ago, I made a big move from Europe back to my native Australia. All our stuff finally turned up a couple of weeks ago, and while looking for something else on a harddrive I came across this recording I made which demonstrates part of the FIM-BPOS solution I worked on in Switzerland.

I made this recording as an emergency backup for a session I gave at TEC, in case of laptop implosion or other unforseen disaster. So it’s not particularly professional and in fact a bit rubbish in places (there must have been some “zoom to mouse” setting so I’m afraid there’s a couple of nice long shots of the corner of the screen), however I’ve decided to share it as an example of some of the useful things you can do with the FIM Portal.
Continue reading ›

2011 11 12 Carol BPOS
FIM 2010
Office 365 Comments (0) Permalink

200th Post!

Today’s post is my 200th. As my 100th post slipped by without me noticing I’m going to give myself a self-indulgent look back over the history of missmiis to celebrate this milestone.

Continue reading ›

2011 10 24 Carol Uncategorized Comments (1) Permalink

Generating Reference attributes from String data

Once upon a time we used to be able to write Advanced Flow Rules for reference attributes. Admittedly this sometimes led to horribly inefficient code, but it was useful – particluarly when paired with FindMVEntries to lookup and then reference an existing Metaverse object.

With FIM we lost this capability, and Microsoft claim we were never supposed to be doing it anyway – that it was “unsupported” all along. So what do you do if you’ve got string data and you really need references? One Sync-based way is to loop the data through a SQL MA, bringing it back in as a reference.

Continue reading ›

2011 10 21 Carol FIM 2010
SQL
VB.NET Comments (0) Permalink